On 21 October 2013 17:12, Stephen Kent <[email protected]> wrote:
> > 1) Name Constraints MUST be marked critical
> >
> > An utterly stupid restriction, since the semantics of the criticality
> > bit are 'break backwards compatibility'. Use of name constraints provides a
> > significant reduction in the attack surface and would have prevented the
> > Flame attack. However, marking a name constraint critical breaks Safari and
> > provides no security benefit in the Web PKI.
> >
> > Outcome: Industry has decided that the standard is that name constraints
> > MAY be marked non-critical.
>
> It might be worth emphasizing that the principal reason cited for not
> marking the extension critical, as per X.509 and RFC 5280, was a single
> vendor's unwillingness to fix a bug in their browser. The CABF members,
> being browser vendors as well as third-party CAs, were the perfect venue
> in which to give precedence to a vendor's intransigence.
>

Even if that vendor had been willing to fix the bug, you'd still need name constraints to be non-critical, or they'd break every outdated browser. Which would mean they could not be used for many years. So clearly they had to be non-critical, as will future extensions have to be, I'm sure.
So, I don't think the emphasis is worth it.
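As an added example (not part of the thread), here is a small pure-Python DER walker that reports whether a certificate's nameConstraints extension is marked critical, which is the property the thread is arguing over; the two sample Extensions blocks are constructed in the code, one with an explicit critical BOOLEAN and one relying on RFC 5280's DEFAULT FALSE.

```python
# Added example (not from the thread): a minimal DER walker that lists the X.509 v3
# extensions in an Extensions SEQUENCE with their criticality, to audit how a CA
# certificate carries nameConstraints (OID 2.5.29.30). RFC 5280 declares the field
# "critical BOOLEAN DEFAULT FALSE", so when the BOOLEAN is omitted it is non-critical.

def _read_tlv(buf, pos):
    """Return (tag, content, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def _decode_oid(data):
    """Decode OBJECT IDENTIFIER content bytes to dotted form."""
    arcs, value = [data[0] // 40, data[0] % 40], 0
    for b in data[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                    # last byte of this base-128 arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def parse_extensions(extensions_der):
    """Parse a DER Extensions SEQUENCE into {oid: (critical, extnValue bytes)}."""
    tag, seq, _ = _read_tlv(extensions_der, 0)
    assert tag == 0x30, "Extensions must be a SEQUENCE"
    result, pos = {}, 0
    while pos < len(seq):
        _, ext, pos = _read_tlv(seq, pos)   # one Extension SEQUENCE
        _, oid, p = _read_tlv(ext, 0)
        tag, val, p = _read_tlv(ext, p)
        critical = False                    # DEFAULT FALSE when the BOOLEAN is omitted
        if tag == 0x01:                     # explicit critical BOOLEAN present
            critical = val != b"\x00"
            tag, val, p = _read_tlv(ext, p)
        assert tag == 0x04, "extnValue must be an OCTET STRING"
        result[_decode_oid(oid)] = (critical, val)
    return result

def _tlv(tag, body):                        # short-form DER TLV, enough for the samples
    return bytes([tag, len(body)]) + body

def build_name_constraints_ext(critical):
    """Construct a nameConstraints extension permitting only dNSName example.com."""
    subtree = _tlv(0x30, _tlv(0x82, b"example.com"))     # GeneralSubtree { dNSName }
    value = _tlv(0x04, _tlv(0x30, _tlv(0xA0, subtree)))  # extnValue { permittedSubtrees [0] }
    oid = _tlv(0x06, bytes([0x55, 0x1D, 0x1E]))          # id-ce-nameConstraints
    flag = _tlv(0x01, b"\xFF") if critical else b""      # omitted => DEFAULT FALSE
    return _tlv(0x30, oid + flag + value)

CRITICAL_SAMPLE = _tlv(0x30, build_name_constraints_ext(True))      # constructed sample
NONCRITICAL_SAMPLE = _tlv(0x30, build_name_constraints_ext(False))  # constructed sample
```

Against a real certificate, feed it the content of the `[3] EXPLICIT Extensions` element of the TBSCertificate; the same walker then shows whether the issuing CA chose the critical or non-critical encoding.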
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
